CVE-2010-3421

Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ProductCart 3, 4.1 SP1, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter, a different vector than CVE-2004-2174 and CVE-2005-0995. NOTE: some of these details are obtained from third party information.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:productcart:productcart:4.1:sp1:*:*:*:*:*:*
cpe:2.3:a:productcart:productcart:3.0:*:*:*:*:*:*:*
cpe:2.3:a:productcart:productcart:4.1:*:*:*:*:*:*:*

Information

Published : 2010-09-16 15:00

Updated : 2017-08-16 18:32


NVD link : CVE-2010-3421

Mitre link : CVE-2010-3421


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

productcart

  • productcart